Mollom: Practical experience of antispam for comments

Anyone who operates a Web site will sooner or later meet with one of the most current head aches – spam in comments. However, there are many ways to prevent it and some solutions allow a fairly simple solution in the form of protection directly on the form to send comments, while other special services are using spam revealing comments.

Comment spam can be seen in several forms.  The most common is when a spam robot passes through the internet, searching for the form to send comments and then adds an advertise of goods or services, like Viagra or CIALIS, and other things that spammers are currently in course.  Spam robots are should not be underestimated since they are very sophisticated. A good rule of thumb is that you preview comments, the input, and manage spam in different languages on your site.

Defending against these automatic spam robots is simple - in the form use an element called a captcha.  This captcha may depict some text and ask the user to type what he sees. Because of this, spam robots that are able to do optical character recognition (OCR) from the image will have problems recognizing the text if it’s distorted. Unfortunately, many human users will also have a hard time being able to read the text.

In addition to an image captcha there are also randomly generated mathematical questions, expressed either in numbers or words, that requires you to calculate the answer and fill in the form.

The robot, however, may consult with the captcha.  In addition, your captcha will prevent spam robot adding a comment with advertising, vulgarism or other inappropriate content placed on your site.  Unfortunately, even this is obviously happening.  Very often they add short notes like Great article, Thank you, etc, where the author praises the article because the comments received to re-link on your site.

It will depend on your site if such comments will actually be regarded as members, or if you think about robots and delete the comments immediately after discovery.  What I really hate is when I see that a name of a place, which serves as a link, is introduced with a nickname, which also happens to be a key word for the web, which the signature is referring to in the notes.

Mollom - a service for the disposal of comment spam

In addition to continuous monitoring of comments and deleting spam is probably the only solution to use a spam removal service, as they analyze the contents of comments and their input either permit or prohibit. One of these services is Mollom.

I hesitated a long time before I decided to try out other projects from Dries Buytaert, the creator of Drupal.  Having a large number of spam comments from freeloader, which did not even need captcha registration on the web, I was on the verge giving up. Therefore I decided to try Mollom by Dries.

Mollom is currently free for many websites.  For higher volume of contributions you will have to pay €30 a month. After registration you will get into the administration interface where you enter the address of the Web sites, and in return you will get a set of keys generated by the web request to protect against identify spam.

The generated key will then use the programming interfaces to its Web site.  Mollom offers finished system modules for Drupal, WordPress and Joomla, and is supplemented with libraries for PHP, Java, Ruby, Python and .NET.

Up to this  date, less than four Mollom protects over a thousands of Web sites and its effectiveness is given in 99,69%.  Therefore, out of 10 000 spam comments only 31 are let through. The protection is of course not only for the box for comments, but as well as for contact and other forms.

What I like about  Mollom is that it monitors IP addresses of people who pass through it, and when their contributions are marked as spam - or other unwanted content - these users get a bad reputation when sending to other sites where Mollom is used because their address will be known. A good question is how, or if, such people are able to abuse further.

Mollom on my Websites

I must imply that Mollom works really great.  I have installed it on Backup HowTo and Photo HowTo.  After two or three weeks of operation, spam robots began appearing and filled these sites with spam comments.

These robots where smart enough to resolve the ordinary captcha, thus bypassing the protection. Once the sites were given the Google PageRank, the robots began to appear and did not add anything to an interesting article, but only pointed to its sites in either its address in the profile or a container entering the URL into the body of comments.  They did not even need to register.

Since then I deployed Mollom from these "contributors" room. Unwanted comments appear about once a week, so the spam robots are virtually gone. The module for the Drupal very easy to use; If Mollom deletes a comment to my site, it simply reports it together with the reasons as to it why. Comments disappears automatically from the Web, enabling me to focus on other things.

The Mollom module for Drupal also offers simple statistics in a chart with information about the removed spam.  The same graphs can be displayed directly on in the administration of the Web site.

Mollom statistics

Mollom statistics

If you are concerned with commentary spam on your site, I heartily recommend you in trying Mollom. Prohibition of comments are extremely solutions, but using Mollom it is possible to protect any other type of forms on the web without having to cleanup manually after spam robots.